Previously, a variety of apparatuses using a secret personal number or password for personal identity verification or authentication has been devised and put into practice. In banks or other financial institutions, for example, for using cash cards or credit cards, cash dispensers or other banking terminals prompt users to enter a secret personal number or a password for personal identity authentication, and cash cannot be deposited or withdrawn until it has been confirmed that the correct secret personal number or password was entered by the user.
A storage medium such as a magnetic strip placed on one cash card has only a single storage area for only the corresponding bank. The above-noted secret personal number or password entry merely allows access to the single storage area, and it may be insufficient for protection against forgery or theft.
For anti-forgery purposes, the cash card or credit card is often implemented as a contact IC card having an electric contact or a non-contact IC card for reading and writing data in a non-contact manner via wireless data communication. IC card readers/writers installed in, for example, cash dispensers, at the entrances of concert halls, on station ticket gates, and so on are able to access IC cards passed thereover by users in a non-contact manner.
A user enters a secret personal number to the reader of an IC card reader/writer to verify the entered secret personal number against a secret personal number stored in the IC card, thus realizing personal identity verification or authentication between the IC card and the IC card reader/writer. When personal identity verification or authentication is successfully performed, for example, an application stored in the IC card can be used. The applications stored in an IC card may include, for example, these for amount information such as electronic money and electronic ticketing. Furthermore, IC cards having prepaid vouchers electronically stored therein or portable terminals connected thereto can be used as prepaid cards. (A secret personal number for use in accessing an IC card is referred to as a PIN (Personal Identification Number).)
Recently, with the development of nanotechnology, IC cards having a relatively large capacity of storage space have become commercially available and increasingly widespread. Since a traditional cash card has only a single storage area, i.e., a single application, carried therein, it is necessary to carry a plurality of cards for various uses or applications. On the other hand, the above-noted IC card having a large capacity memory can concurrently store a plurality of applications, and, therefore, a single IC card can be used for a plurality of applications. For example, more than one application used for electronic money for electronic payment, electronic tickets for admission to designated concert halls, digital prepaid vouchers, and so on can be stored on a single IC card so as to use the single IC card in various applications.
An IC card includes not only a non-contact interface with a card reader/writer (card reading and writing apparatus) but also an external wired interface for connecting to an external device, and the IC card can be connected to or installed in an information processing terminal, such as a cellular telephone or a PDA (Personal Digital Assistant), when used. (In many cases where the IC card is installed in the terminal, the IC card is formed into one chip. The IC card and IC chip are hereinafter collectively referred to simply as an “IC card”.)
In such a case, a variety of application services using the IC card can be performed on the information processing terminal. For example, a user interface, such as a keyboard or a display on the information processing terminal, can be used for user interaction with the IC card on the information processing terminal. If the IC card is connected to a cellular telephone, the content stored on the IC card can be exchanged over a telephone line.
It is to be understood that, in the case where amount information such as electronic money, electronic tickets, and prepaid vouchers is stored in the IC card, the information processing terminal can realize amount information processing, such as electronic payment and prepaid-card-based payment and various other services. The information processing terminal can also provide processing according to a data transfer phase between the IC card and a card reading and writing apparatus, or processing according to the internal state of the IC card (for example, the information stored in the IC card can be viewed on a screen of a portable terminal).
The amount information stored in an IC card or IC chip is encoded using a predetermined key for preventing unauthorized use such as copying or tampering. Since an IC chip installed in a portable terminal would be easily interfered with via an external interface, in many cases, the portable terminal has no key, and the amount information is accessed using a key only online for the purpose of offline protection against unauthorized use or key theft.
However, in such cases, disadvantageously, the amount information cannot be viewed offline at all.